A British cybersecurity firm has reportedly uncovered the compromised personal data of approximately 5.5 million employees of the world’s 1,000 largest corporations.
Corporate e-mail addresses — along with their associated passwords — serve as just one example of the sensitive information exposed. While Digital Shadows did not reveal the identities of those compromised, it includes just about everyone working for any of the companies in question. A whopping 97 percent of those employed by the world’s biggest names have been exposed by information oozing from LinkedIn, DropBox, and MySpace.
It wasn’t hard to find. Many of the employees had signed up for these services with their work e-mails and reused their assigned passwords. Nearly 300,000 came from dating websites such as Ashley Madison and Adult Friend Finder, in relation to widely reported leaks. Even so, the vast majority — about 90 percent of what was found — had not been discovered until now.
Rick Holland, Vice President of Strategy at Digital Shadows, found the report especially worrying. He thought that they would “see a lot of duplicates” in the information, proving that the companies concerned were already aware and could have potentially dealt with the problem already. But despite going all the way back to 2012, only about 10 percent of the information they found had previously been reported.
Holland says that this is “bad news,” and it’s not hard to see why. Robert Capps, Vice President of Business Development at NuData Security references China’s “Facebook of Everything” project, in which their intelligence agencies are compiling personal data from the USA’s biggest breaches. According to Capps, “their stated goal is to compile it into a massive Facebook-like network to build a profile of everyone, with more details than Facebook.”
For now, multi-factor authentication is the best remedy, along with regular password changes. It’s a small cost in vigilance, that can — and does — otherwise cost tens of billions.
Follow Nate Church @Get2Church on Twitter for the latest news in gaming and technology, and snarky opinions on both.